cyber module 11 quiz

Ace your homework & exams now with Quizwiz!

during the _____ phase, specific technologies are selected too support the alternatives identified and evaluated in the prior phases

Physical Design

A(n) ____ is a simple project management planning tool used to break the project plan into smaller and smaller steps

Work breakdown structure (WBS)

at the center of the bull's-eye model are the ____ used by the organization to accomplish its work

applications

the _____ methodology has been used by many organizations and requires that issues be addressed from the general to the specific, and that the focus be on systematic solutions instead individual problems

bull's-eye

medium- and large-sized organizations deal with the impact of technical change on the organization's operation through a(n) _____ control process

change

Regardless of an organization's information security needs, the amount of effort that can be expended depends on the available funds; therefore a ____________________ is typically prepared in the analysis phase of the SecSDLC and must be reviewed and verified prior to the development of the project plan.

cost benefit analysis

A(n) _____ is a completed document or program module that can either serve as the beginning point for a later task or become an element in the finished project

deliverable

Some cases of ____ are simple, such as requiring employees to use a new password beginning on an announced date.

direct changeover

Every organization needs to develop an information security department or program of its own

false

all organizations should designate a champion from the general management community of interest to supervise the implementation of an information security project plan

false

the implementation phase is the longest and most expensive phase of the systems development life cycle (SDLC)

false

the networks layer of the bull's eye is the outermost ring of the bull's eye

false

a direct changeover is also known as going "fast turnkey"

false, its cold turkey

the parallel operations strategy works well when an isolated group can serve as a test area, which prevents any problems with the new system dramatically interfering with the performance of the organization as a whole

false, its pilot implementation

in project planning, the tasks or action steps that come before the specific task at hand are commonly referred to as milestones

false, its predecessors

performance management is the process of identifying and controlling the resources applied to a project as well as measuring progress and adjusting the process as progress is made toward the goal

false, its project

the security development life cycle (SDLC) is a general methodology for the design and implementation of an information system

false, its systems

the physical design is the blueprint for the desired solution

false, its the logical design

planning for the implementation phase requires the creation of a detailed request for proposal, which is often assigned either to a project manager or the project champion

false, just plan lol

Technology __________ guides how frequently technical systems are updated, and how technical updates are approved and funded, and also facilitates communication about the technical advances and issues across the organization

governance

technology _____ is a complex process that organizations use to manage the impact and costs of technology implementation, innovation, and obsolescence

governance

during the ____ phase of the SDLC, the process begins by examining the event or plan that initiated the process. During this phase, the objectives, constraints, and scope of the project are specified

investigation

the ____ design phase of an SDLC methodology is implementation independent, meaning that it contains no reference to specific technologies, vendors, or products

logical

A(n) ____ is a formal approach to solving a problem by means of a structured sequence of procedures

methodology

In the early stages of planning, the project planner should attempt to specify completion dates only for major project ____.

milestones

one of the oldest models of change is the Lewin change model, which consists of three stages: unfreezing, _____, and refreezing

moving

the ____ operations strategy involves running the new system concurrently with the old system

parallel

A _____ is usually the best approach to security project implementation

phased implementation

In a _____ implementation, the entire security system is put in place in a single office, department, or division before expanding to the rest of the organization

pilot

during the implementation phase of the SDLC, the organization translates its blueprint for information security into a project _____

plan

the _____ level of the bull's-eye model establishes the ground rules for the use of all systems and describes what is appropriate and what is inappropriate; it enables all other information security components to function correctly

policies

By managing the ____, the organization can reduce unintended consequences by having a process to resolve potential conflict and disruption that uncoordinated change can introduce.

process of change

The goal of the __________ is to resolve any pending project-related issues, critique the overall effort of the project, and draw conclusions about how to improve the project management process for the future.

project wrap-up

_____ is a phenomenon in which the project manager spends more time documenting project tasks, collecting performance measurements, recording project task information, and updating project completion forecasts than accomplishing meaningful project work

projectitis

Many public organizations must spend all budgeted funds within the fiscal year—otherwise, the subsequent year's budget is __________.

reduced by the unspent amount

the level of ____ to change impacts the ease with which an organization is able to implement procedural and managerial changes

resistance

the ____ of any given project plan should be carefully reviewed and kept as small as possible, given the project's objectives

scope

organizations are moving toward more ____-focused development approaches, seeking to improve not only the functionality of the systems they have in place, but consumer confidence in their product

security

tasks or actions steps that come after the task at hand are called

successors

the _____ layer of the bull's-eye model includes computers used as servers, desktop computers, and systems used for process control and manufacturing

systems

A proven method for prioritizing a program of complex change is the bull's-eye method.

true

A task or subtask becomes a(n) action step when it can be completed by one individual or skill set and when it includes a single deliverable.

true

In the physical design phase, specific technologies are selected

true

Planners need to estimate the effort required to complete each task, subtask, or action step.

true

The primary drawback to the direct changeover approach is that if the new system fails or needs modification, users may be without services while the system's bugs are worked out.

true

Weak management support, with overly delegated responsibility and no champion, sentences a project to almost-certain failure.

true

When an estimate is flawed, as when the number of effort-hours required is underestimated, the plan should be corrected and downstream tasks updated to reflect the change.

true

corrective action decisions are usually expressed in terms of trade-offs

true

once a project is underway, it is managed using a process known as gap analysis, which ensures that progress is measured periodically

true

planning for the implementation phase of a security project requires the creation of a detailed project plan

true

the budgets of public organizations are usually the product of legislation or public meetings

true

the bull's-eye model can be used to evaluate the sequence of steps taken to integrate parts of the information security blueprint into a project plan

true

the investigation phase of the SDLC involves specification of the objectives, constraints, and scope of the project

true

the project plan as a whole must describe how to acquire and implement the needed security controls and create a setting in which those controls achieve the desired outcomes

true

the lewin change model includes

unfreezing, moving, refreezing

a type of SDLC in which each phase has results that flow into the next phase is called the _____ model

waterfall

In system development ____ means getting key representatives of user groups to serve as members of the development process

JAD

If the task is to write firewall specifications for the preparation of a(n) ____, the planner would note that the deliverable is a specification document suitable for distribution to vendors.

RFP

Effective planning for information security involves

- collecting information about an organizations objectives - collecting information about an organization's information security enviroment - collecting information about an organizations technical architecture (all of the above)

A methodology and formal development strategy for the design and implementation of an information system is referred to as a __________.

Systems development life cycle


Related study sets

Statistics 1.3 Simple Random Sampling/ 1.4 Other Effective Sampling Methods

View Set

MRU 6.3 Real GDP Per Capita and the Standard of Living

View Set

Sales and Marketing Applications

View Set

Nursing Fundamentals Review Questions (set 3)

View Set